syslog marking sendmail output as "kernel:"

Tuc at T-B-O-H.NET ml at t-b-o-h.net
Wed Oct 17 13:55:45 PDT 2007 

> 
> On Oct 16, 2007, at 6:01 PM, Matt Emmerton wrote:
> > There must be somewhere in the kernel where we're writing to the  
> > syslog with an empty error string.  The syslog routines expect a  
> > newline-terminated character string, so the lack of a newline  
> > causes the next entry to be on the same line as the (non-existant)  
> > kernel message.
> 
> Actually, syslog should be just fine without getting a trailing  
> newline; from the manpage:
> 
> "    The message is identical to a printf(3) format string, except  
> that `%m'
>       is replaced by the current error message.  (As denoted by the  
> global
>       variable errno; see strerror(3).)  A trailing newline is added  
> if none is
>       present."
> 
Hi Chuck,

	I'm still not convinced thats the issue. I did a "-d" on syslog
and came up with. With a syslog.conf of :

*.err;kern.debug;auth.notice;mail.crit          /dev/console
*.emerg                                         *
*.debug                                         /var/log/spool


	the syslog is seeing :

logmsg: pri 22, flags 0, from valhalla, msg Oct 16 21:29:00 sm-mta[31804]: l9H1Srwd031804: SYSERR(root): collect: I/O error on connection from [61.177.142.218], from=<linboduschmet at bodusch.de>^M
Logging to CONSOLE /dev/console^M
Logging to FILE /var/log/spool^M
logmsg: pri 166, flags 17, from valhalla, msg Oct 16 21:29:00 valhalla sm-mta[31804]: l9H1Srwd031804: SYSERR(root): collect: I/O error on connection from [61.177.142.218], from=<linboduschmet at bodusch.de>^M
Logging to FILE /var/log/spool^M


        So something IS sending it twice, once at pri 22, no flags, then once
at 166 flags 17. (Unless by some configuration flukeyness its "reprocessing"
the line). So IMHO its not getting something improperly terminated. Its
getting the line twice at different pri/flags causing it to prepend the
"Oct 16 00:00:25 valhalla kernel:" to the already formatted 
"Oct 16 21:29:00 valhalla sm-mta[31804]: l9H1Srwd031804: SYSERR(root): collect: 
I/O error on connection from [61.177.142.218], from=<linboduschmet at bodusch.de"

	The question is is it because of some weird syslog config, or
is it sendmail (8.13.1)?

		Thanks, Tuc

More information about the freebsd-questions mailing list